Vulnerability Details : CVE-2014-0542
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014-0545.
Products affected by CVE-2014-0542
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.214:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:13.0.0.223:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.378:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:11.2.202.359:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:13.0.0.83:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:13.0.0.111:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:14.0.0.110:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.83:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air_sdk:13.0.0.111:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air_sdk:14.0.0.110:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0542
1.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-0542
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-0542
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0542
-
http://helpx.adobe.com/security/products/flash-player/apsb14-18.html
Adobe Security BulletinVendor Advisory
-
http://security.gentoo.org/glsa/glsa-201408-05.xml
Adobe Flash Player: Multiple vulnerabilities (GLSA 201408-05) — Gentoo security
-
http://secunia.com/advisories/60732
Sign in
-
http://secunia.com/advisories/60710
Sign in
-
http://www.securitytracker.com/id/1030712
Adobe Flash Player Multiple Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker
Jump to